| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage.h" | 5 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_factory.h" |
| 6 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage_factory.h" | 6 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_storage.h" |
| 7 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" | 7 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" |
| 8 #include "chrome/common/pref_names.h" | 8 #include "chrome/common/pref_names.h" |
| 9 #include "chrome/test/base/testing_profile.h" | 9 #include "chrome/test/base/testing_profile.h" |
| 10 #include "components/prefs/pref_service.h" | 10 #include "components/prefs/pref_service.h" |
| 11 #include "components/prefs/scoped_user_pref_update.h" | 11 #include "components/prefs/scoped_user_pref_update.h" |
| 12 #include "content/public/test/test_browser_thread_bundle.h" | 12 #include "content/public/test/test_browser_thread_bundle.h" |
| 13 #include "testing/gtest/include/gtest/gtest.h" | 13 #include "testing/gtest/include/gtest/gtest.h" |
| 14 | 14 |
| 15 namespace chromeos { | 15 namespace chromeos { |
| 16 namespace { | 16 namespace { |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 68 // 1. Prefs are initially empty | 68 // 1. Prefs are initially empty |
| 69 // 2. Setting a PIN will update the pref system. | 69 // 2. Setting a PIN will update the pref system. |
| 70 // 3. Removing a PIN clears prefs. | 70 // 3. Removing a PIN clears prefs. |
| 71 TEST_F(PinStorageUnitTest, PinStorageWritesToPrefs) { | 71 TEST_F(PinStorageUnitTest, PinStorageWritesToPrefs) { |
| 72 PrefService* prefs = profile_->GetPrefs(); | 72 PrefService* prefs = profile_->GetPrefs(); |
| 73 | 73 |
| 74 EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSalt)); | 74 EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSalt)); |
| 75 EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSecret)); | 75 EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSecret)); |
| 76 | 76 |
| 77 quick_unlock::PinStorage* pin_storage = | 77 quick_unlock::PinStorage* pin_storage = |
| 78 quick_unlock::PinStorageFactory::GetForProfile(profile_.get()); | 78 quick_unlock::QuickUnlockFactory::GetForProfile(profile_.get()) |
| 79 ->pin_storage(); |
| 79 PinStorageTestApi pin_storage_test(pin_storage); | 80 PinStorageTestApi pin_storage_test(pin_storage); |
| 80 | 81 |
| 81 pin_storage->SetPin("1111"); | 82 pin_storage->SetPin("1111"); |
| 82 EXPECT_TRUE(pin_storage->IsPinSet()); | 83 EXPECT_TRUE(pin_storage->IsPinSet()); |
| 83 EXPECT_EQ(pin_storage_test.PinSalt(), | 84 EXPECT_EQ(pin_storage_test.PinSalt(), |
| 84 prefs->GetString(prefs::kQuickUnlockPinSalt)); | 85 prefs->GetString(prefs::kQuickUnlockPinSalt)); |
| 85 EXPECT_EQ(pin_storage_test.PinSecret(), | 86 EXPECT_EQ(pin_storage_test.PinSecret(), |
| 86 prefs->GetString(prefs::kQuickUnlockPinSecret)); | 87 prefs->GetString(prefs::kQuickUnlockPinSecret)); |
| 87 EXPECT_NE("", pin_storage_test.PinSalt()); | 88 EXPECT_NE("", pin_storage_test.PinSalt()); |
| 88 EXPECT_NE("", pin_storage_test.PinSecret()); | 89 EXPECT_NE("", pin_storage_test.PinSecret()); |
| 89 | 90 |
| 90 pin_storage->RemovePin(); | 91 pin_storage->RemovePin(); |
| 91 EXPECT_FALSE(pin_storage->IsPinSet()); | 92 EXPECT_FALSE(pin_storage->IsPinSet()); |
| 92 EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSalt)); | 93 EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSalt)); |
| 93 EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSecret)); | 94 EXPECT_EQ("", prefs->GetString(prefs::kQuickUnlockPinSecret)); |
| 94 } | 95 } |
| 95 | 96 |
| 96 // Verifies that: | 97 // Verifies that: |
| 97 // 1. Initial unlock attempt count is zero. | 98 // 1. Initial unlock attempt count is zero. |
| 98 // 2. Attempting unlock attempts correctly increases unlock attempt count. | 99 // 2. Attempting unlock attempts correctly increases unlock attempt count. |
| 99 // 3. Resetting unlock attempt count correctly sets attempt count to 0. | 100 // 3. Resetting unlock attempt count correctly sets attempt count to 0. |
| 100 TEST_F(PinStorageUnitTest, UnlockAttemptCount) { | 101 TEST_F(PinStorageUnitTest, UnlockAttemptCount) { |
| 101 quick_unlock::PinStorage* pin_storage = | 102 quick_unlock::PinStorage* pin_storage = |
| 102 quick_unlock::PinStorageFactory::GetForProfile(profile_.get()); | 103 quick_unlock::QuickUnlockFactory::GetForProfile(profile_.get()) |
| 104 ->pin_storage(); |
| 103 | 105 |
| 104 EXPECT_EQ(0, pin_storage->unlock_attempt_count()); | 106 EXPECT_EQ(0, pin_storage->unlock_attempt_count()); |
| 105 | 107 |
| 106 pin_storage->AddUnlockAttempt(); | 108 pin_storage->AddUnlockAttempt(); |
| 107 pin_storage->AddUnlockAttempt(); | 109 pin_storage->AddUnlockAttempt(); |
| 108 pin_storage->AddUnlockAttempt(); | 110 pin_storage->AddUnlockAttempt(); |
| 109 EXPECT_EQ(3, pin_storage->unlock_attempt_count()); | 111 EXPECT_EQ(3, pin_storage->unlock_attempt_count()); |
| 110 | 112 |
| 111 pin_storage->ResetUnlockAttemptCount(); | 113 pin_storage->ResetUnlockAttemptCount(); |
| 112 EXPECT_EQ(0, pin_storage->unlock_attempt_count()); | 114 EXPECT_EQ(0, pin_storage->unlock_attempt_count()); |
| 113 } | 115 } |
| 114 | 116 |
| 115 // Verifies that marking the strong auth makes TimeSinceLastStrongAuth a > zero | 117 // Verifies that marking the strong auth makes TimeSinceLastStrongAuth a > zero |
| 116 // value. | 118 // value. |
| 117 TEST_F(PinStorageUnitTest, TimeSinceLastStrongAuthReturnsPositiveValue) { | 119 TEST_F(PinStorageUnitTest, TimeSinceLastStrongAuthReturnsPositiveValue) { |
| 118 quick_unlock::PinStorage* pin_storage = | 120 quick_unlock::PinStorage* pin_storage = |
| 119 quick_unlock::PinStorageFactory::GetForProfile(profile_.get()); | 121 quick_unlock::QuickUnlockFactory::GetForProfile(profile_.get()) |
| 122 ->pin_storage(); |
| 120 PinStorageTestApi pin_storage_test(pin_storage); | 123 PinStorageTestApi pin_storage_test(pin_storage); |
| 121 | 124 |
| 122 EXPECT_FALSE(pin_storage_test.HasStrongAuthInfo()); | 125 EXPECT_FALSE(pin_storage_test.HasStrongAuthInfo()); |
| 123 | 126 |
| 124 pin_storage->MarkStrongAuth(); | 127 pin_storage->MarkStrongAuth(); |
| 125 | 128 |
| 126 EXPECT_TRUE(pin_storage_test.HasStrongAuthInfo()); | 129 EXPECT_TRUE(pin_storage_test.HasStrongAuthInfo()); |
| 127 pin_storage_test.ReduceRemainingStrongAuthTimeBy( | 130 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 128 base::TimeDelta::FromSeconds(60)); | 131 base::TimeDelta::FromSeconds(60)); |
| 129 | 132 |
| 130 EXPECT_TRUE(pin_storage->TimeSinceLastStrongAuth() >= | 133 EXPECT_TRUE(pin_storage->TimeSinceLastStrongAuth() >= |
| 131 base::TimeDelta::FromSeconds(30)); | 134 base::TimeDelta::FromSeconds(30)); |
| 132 } | 135 } |
| 133 | 136 |
| 134 // Verifies that by altering the password confirmation preference, the pin | 137 // Verifies that by altering the password confirmation preference, the pin |
| 135 // storage will request password reconfirmation as expected. | 138 // storage will request password reconfirmation as expected. |
| 136 TEST_F(PinStorageUnitTest, QuickUnlockPasswordConfirmationFrequencyPreference) { | 139 TEST_F(PinStorageUnitTest, QuickUnlockPasswordConfirmationFrequencyPreference) { |
| 137 quick_unlock::PinStorage* pin_storage = | 140 quick_unlock::PinStorage* pin_storage = |
| 138 quick_unlock::PinStorageFactory::GetForProfile(profile_.get()); | 141 quick_unlock::QuickUnlockFactory::GetForProfile(profile_.get()) |
| 142 ->pin_storage(); |
| 139 PrefService* pref_service = profile_->GetPrefs(); | 143 PrefService* pref_service = profile_->GetPrefs(); |
| 140 PinStorageTestApi test_api(pin_storage); | 144 PinStorageTestApi test_api(pin_storage); |
| 141 | 145 |
| 142 // The default is one day, so verify moving the last strong auth time back 13 | 146 // The default is one day, so verify moving the last strong auth time back 13 |
| 143 // hours should not request strong auth. | 147 // hours should not request strong auth. |
| 144 pin_storage->MarkStrongAuth(); | 148 pin_storage->MarkStrongAuth(); |
| 145 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(13)); | 149 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(13)); |
| 146 EXPECT_TRUE(pin_storage->HasStrongAuth()); | 150 EXPECT_TRUE(pin_storage->HasStrongAuth()); |
| 147 | 151 |
| 148 // Verify moving the last strong auth time back another 13 hours should | 152 // Verify moving the last strong auth time back another 13 hours should |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 183 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(8)); | 187 test_api.ReduceRemainingStrongAuthTimeBy(base::TimeDelta::FromHours(8)); |
| 184 EXPECT_FALSE(pin_storage->HasStrongAuth()); | 188 EXPECT_FALSE(pin_storage->HasStrongAuth()); |
| 185 SetConfirmationFrequency( | 189 SetConfirmationFrequency( |
| 186 pref_service, quick_unlock::PasswordConfirmationFrequency::TWELVE_HOURS); | 190 pref_service, quick_unlock::PasswordConfirmationFrequency::TWELVE_HOURS); |
| 187 EXPECT_TRUE(pin_storage->HasStrongAuth()); | 191 EXPECT_TRUE(pin_storage->HasStrongAuth()); |
| 188 } | 192 } |
| 189 | 193 |
| 190 // Verifies that the correct pin can be used to authenticate. | 194 // Verifies that the correct pin can be used to authenticate. |
| 191 TEST_F(PinStorageUnitTest, AuthenticationSucceedsWithRightPin) { | 195 TEST_F(PinStorageUnitTest, AuthenticationSucceedsWithRightPin) { |
| 192 quick_unlock::PinStorage* pin_storage = | 196 quick_unlock::PinStorage* pin_storage = |
| 193 quick_unlock::PinStorageFactory::GetForProfile(profile_.get()); | 197 quick_unlock::QuickUnlockFactory::GetForProfile(profile_.get()) |
| 198 ->pin_storage(); |
| 194 | 199 |
| 195 pin_storage->SetPin("1111"); | 200 pin_storage->SetPin("1111"); |
| 196 | 201 |
| 197 pin_storage->MarkStrongAuth(); | 202 pin_storage->MarkStrongAuth(); |
| 198 EXPECT_TRUE(pin_storage->TryAuthenticatePin("1111")); | 203 EXPECT_TRUE(pin_storage->TryAuthenticatePin("1111")); |
| 199 } | 204 } |
| 200 | 205 |
| 201 // Verifies that the correct pin will fail to authenticate if too many | 206 // Verifies that the correct pin will fail to authenticate if too many |
| 202 // authentication attempts have been made. | 207 // authentication attempts have been made. |
| 203 TEST_F(PinStorageUnitTest, AuthenticationFailsFromTooManyAttempts) { | 208 TEST_F(PinStorageUnitTest, AuthenticationFailsFromTooManyAttempts) { |
| 204 quick_unlock::PinStorage* pin_storage = | 209 quick_unlock::PinStorage* pin_storage = |
| 205 quick_unlock::PinStorageFactory::GetForProfile(profile_.get()); | 210 quick_unlock::QuickUnlockFactory::GetForProfile(profile_.get()) |
| 211 ->pin_storage(); |
| 206 | 212 |
| 207 pin_storage->SetPin("1111"); | 213 pin_storage->SetPin("1111"); |
| 208 | 214 |
| 209 // Use up all of the authentication attempts so authentication fails. | 215 // Use up all of the authentication attempts so authentication fails. |
| 210 pin_storage->MarkStrongAuth(); | 216 pin_storage->MarkStrongAuth(); |
| 211 EXPECT_TRUE(pin_storage->IsPinAuthenticationAvailable()); | 217 EXPECT_TRUE(pin_storage->IsPinAuthenticationAvailable()); |
| 212 for (int i = 0; i < quick_unlock::PinStorage::kMaximumUnlockAttempts; ++i) | 218 for (int i = 0; i < quick_unlock::PinStorage::kMaximumUnlockAttempts; ++i) |
| 213 EXPECT_FALSE(pin_storage->TryAuthenticatePin("foobar")); | 219 EXPECT_FALSE(pin_storage->TryAuthenticatePin("foobar")); |
| 214 | 220 |
| 215 // We used up all of the attempts, so entering the right PIN will still fail. | 221 // We used up all of the attempts, so entering the right PIN will still fail. |
| 216 EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable()); | 222 EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable()); |
| 217 EXPECT_FALSE(pin_storage->TryAuthenticatePin("1111")); | 223 EXPECT_FALSE(pin_storage->TryAuthenticatePin("1111")); |
| 218 } | 224 } |
| 219 | 225 |
| 220 // Verifies that the correct pin will fail to authenticate if it has been too | 226 // Verifies that the correct pin will fail to authenticate if it has been too |
| 221 // long since a strong-auth/password authentication. | 227 // long since a strong-auth/password authentication. |
| 222 TEST_F(PinStorageUnitTest, AuthenticationFailsFromTimeout) { | 228 TEST_F(PinStorageUnitTest, AuthenticationFailsFromTimeout) { |
| 223 quick_unlock::PinStorage* pin_storage = | 229 quick_unlock::PinStorage* pin_storage = |
| 224 quick_unlock::PinStorageFactory::GetForProfile(profile_.get()); | 230 quick_unlock::QuickUnlockFactory::GetForProfile(profile_.get()) |
| 231 ->pin_storage(); |
| 225 PinStorageTestApi pin_storage_test(pin_storage); | 232 PinStorageTestApi pin_storage_test(pin_storage); |
| 226 | 233 |
| 227 pin_storage->SetPin("1111"); | 234 pin_storage->SetPin("1111"); |
| 228 pin_storage->MarkStrongAuth(); | 235 pin_storage->MarkStrongAuth(); |
| 229 EXPECT_TRUE(pin_storage->IsPinAuthenticationAvailable()); | 236 EXPECT_TRUE(pin_storage->IsPinAuthenticationAvailable()); |
| 230 | 237 |
| 231 // Remove all of the strong auth time so that we have a strong auth timeout. | 238 // Remove all of the strong auth time so that we have a strong auth timeout. |
| 232 pin_storage_test.ReduceRemainingStrongAuthTimeBy( | 239 pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| 233 base::TimeDelta::FromDays(10)); | 240 base::TimeDelta::FromDays(10)); |
| 234 | 241 |
| 235 EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable()); | 242 EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable()); |
| 236 } | 243 } |
| 237 } // namespace chromeos | 244 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2715823004:
Add FingerprintUnlock KeyedService for each profile (Closed)
